Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ukrainian Arrested In India For TJX Data Theft

Posted by kdawson on from the long-long-arm dept.

ComputerWorld reports "A Ukrainian national has been arrested in India in connection with the most notorious hacking incident in US history." "Sergey Valeryevich Storchark was one of 11 men charged in August 2008 with hacking into nine US retailers and selling tens of millions of credit card numbers. He was arrested in India earlier this week, according to a spokesman with India's Central Bureau of Investigation (CBI). In a statement, the CBI said they'd arrested Storchark in New Delhi on the night of May 8, as he deplaned from a flight from Goa, for layover before a flight to Turkey. US authorities had asked for his extradition via diplomatic channels. ... 'His extradition and prosecution would have been very unlikely had he reached his final destination of Ukraine,' the CBI said."

27 of 40 comments (clear)

  1. Great by adeft · · Score: 1

    Identity fraud-related crimes really hurt. Had my information stolen by someone that worked at the HQ of my bank at the time.

  2. Belongs in Prison by CSHARP123 · · Score: 2, Informative

    Identity theft is a big problem to deal for the victim. One of my friend took nearly 3 years to clear all the crap these guys pull. These scum bags belong in prison for life.

    1. Re:Belongs in Prison by Shakrai · · Score: 5, Insightful

      These scum bags belong in prison for life.

      Are you referring to the scumbag identity thieves or the scumbags in the financial sector that decided that someone entering a DOB and SSN on a website would be enough "verification" of identity to allow someone to open credit accounts?

      I know someone who applied for and received a $25,000 line of credit from Citi online with no actual verification of who he was. His credit card arrived in the mail a few days later. He had recently moved and his new address wasn't even on his credit report yet. You'd think the fact that the card was going to a previously unknown address would be enough to set off a red flag but it didn't. All he did was apply online using information that any idiot who was willing to dumpster diving could have retrieved.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    2. Re:Belongs in Prison by Shakrai · · Score: 1

      Shit rolls downhill.....

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    3. Re:Belongs in Prison by SkunkPussy · · Score: 1

      yes exactly - adding larger sentences doesn't really decrease the chance of people committing the crimes. Particularly for "irrational" crimes.

      --
      SURELY NOT!!!!!
    4. Re:Belongs in Prison by EdIII · · Score: 2, Insightful

      I have a big problem with that. Prison for life is not only very costly, but you would be surprised what just 10 years is like in prison.

      On another note, why does he get to go to prison for life, but all those wonderful human beings that:

      - Set up securitized mortgages and played fast and loose with mortgage notes.
      - Bypassed the court systems by creating non-judicial foreclosures where you could not even complain it was the wrong company or they could not produce the note
      - Stole billions, still not a widely known fact, by selling the *same* mortgage 2, 3, or 4 times in different securitized packages causing multiple companies to come after you at the same time making it difficult to even determine the appropriate part to sue, let alone pay.

      Yeah. Those identity thieves need to be put in prison for life at our expense, but Wall Street douchebags get bailed out with our taxes and allowed to enjoy their freedoms.

      Let the bullshit continue and rich investors clean up by stealing all the property and land in the last couple of years at pennies on the dollars, FUNDED BY US!!!!

    5. Re:Belongs in Prison by blair1q · · Score: 1

      The reason that happens is that people moving and requesting new accounts happens thousands of times a day, so banks consider it much more costly to vet those activities than to chase down the few frauds who slip into line.

      And they really, truly, don't give a flying fuck how much it costs you to clear up anything that doesn't directly involve them. It doesn't enter into their forecasts, and they don't waste time agonizing over it. They're too busy analyzing politicians for malleability, because stopping regulation earns them a 400-1000% ROI.

    6. Re:Belongs in Prison by russotto · · Score: 1

      Yeah. Those identity thieves need to be put in prison for life at our expense, but Wall Street douchebags get bailed out with our taxes and allowed to enjoy their freedoms.

      Who said anything about that? As far as I'm concerned the crooked douchbags can share a cell with the identity thieves.

    7. Re:Belongs in Prison by EdIII · · Score: 1

      My point is that the identity thieves make off with less than $100k per person. Usually far less than that. I went through identity theft myself and my losses were really only around $1000 out of pocket to pay a law firm to hammer the f*ck out of the reporting agencies to get the bad stuff removed. Even with liberal estimates for my time and credit line loss, whatever, it had to have been less than $10,000.

      What happened on Wall Street and with real estate resulted in theft and losses of property in the billions and billions. We have yet to see any reform or regulation come out of this, and those that perpetrated the outright fraud aspects of this continue to enjoy their freedoms.

      I see this douchebag picked up in India as an example of blue collar crime. The real douchebags that are continuing to perform the white collar crime this very minute, doing easily hundreds of times the damage this guy did per day are effectively untouchable.

    8. Re:Belongs in Prison by CSHARP123 · · Score: 1

      No doubt banks are culpable in the kind of crap you have mentioned. I am talking about people who deliberately break into peoples account and commint fraud. This is what the case here being discussed.

    9. Re:Belongs in Prison by mrmeval · · Score: 1

      The scumbags in the financial sector and the politicians who eat their shit share most of the blame for this. The politicians need to put the burden on the financial institution who will then have to bleed money or fix their shit.
       

      --
      I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
  3. Should have stayed in the Ukraine by phantomcircuit · · Score: 1

    Epic fail... the Ukraine is basically the world center of Internet crime and it's because nobody ever gets caught there.

  4. Re:shoot him by Locke2005 · · Score: 4, Insightful

    Don't shoot them. Just release all their personal details to everyone whose information they stole. Probably at least one of the victims is unstable enough to track the bastard down and exact revenge for the whole group of victims... especially true if we're talking about millions of victims.

    I had an incident where somebody ordered an item with my wife's credit card and had it shipped to another address. When we complained that this transaction was not authorized, they took it off my wife's account, but refused to disclose the address the item had been shipped to, citing "privacy" concerns. Hold on -- people are allowed to commit fraud but still retain their "right" to privacy?!? If it's my account, I have a right to disclosure of full details on every transaction! Again, provide full disclosure, and eventually the criminals will attempt to screw over the wrong person -- which is win-win for the rest of us.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  5. Deplane by EdtheFox · · Score: 1, Funny

    ...as he deplaned from a flight...

    Who uses that word?! and Is there anyone over the age of 35 that doesn't think of Hervé Villechaize when you hear the word deplane?

    1. Re:Deplane by Monkeedude1212 · · Score: 1

      I think it was the Indian Central Bureau of Investigation trying to sound cool using one of those English prefixes while simultaneously verbing a word. All the new kids are doing it.

      Just like how I insandwiched my lunch, after devanning and unexitted my work.

  6. Re:Who should have been arrested is ... by Locke2005 · · Score: 1

    No, if they are going to run an unsecured wireless network with access to customer credit card data, they deserved to be made financially responsible for all transactions made using the leaked data. I suspect being responsible for a multi-million dollar write-off might be somewhat limiting to one's career in IT.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  7. Re:shoot him by Anonymous Coward · · Score: 3, Insightful

    Again, provide full disclosure, and eventually the criminals will attempt to screw over the wrong person -- which is win-win for the rest of us.

    The problem with that is that in North America, the company might get sued for criminal negligence if they gave out that info and a vigilante took the law into their own hands and went a little too far with their street justice. The truth is that vigilantism is still taboo here, and with good reason, so these companies have due-diligence policies that they only release said information to the authorities if said authorities choose to proceed with a legal investigation. The fact is that you neither own the credit card number nor the account on the company's server, so you have no legal right to the information. If you have a problem with that, don't use the service.

    Yes, it sucks that the credit card companies typically choose to write off small amounts of fraud because the police won't investigate small claims, but as long as the debt is theirs, it's their right. What really needs to be rectified is the credit bureaus that treat easily obtainable information as sufficient to establish an identity and leave the onus on the consumer to rectify errors in their database. We need to put the financial onus on them to maintain correct information in their DB, much like the onus on credit fraud is on the banks/creditors.

  8. Re:principle of "attractive nuisance" by timeOday · · Score: 1

    Well, maybe enough successful prosecutions will make it easier for those so inclined to restrain themselves. I sure hope so.

  9. Re:principle of "attractive nuisance" by blair1q · · Score: 4, Informative

    That's not attractive nuisance. An attractive nuisance is something that is inviting but dangerous to children, like an unfenced swimming pool or a broken swingset. A pile of gold may be inviting, but it's not dangerous. And attractive nuisance isn't a mitigating factor in charges against the child, it's a charge against the person who left the nuisance where it could do harm to the child.

    Stealing others' property is never excused by "they should have locked it up" arguments. Nor is hacking into others' computers.

  10. lifelock? by jaryd · · Score: 1

    Shoulda signed up...suckers!

  11. Re:shoot him by blair1q · · Score: 2, Insightful

    Report the fraud to the police. They will ask a judge, nicely, to look into the "private" data, and then they will arrest, try, convict, and punish the perpetrator.

    That is, if it's above the baseline for their enforcement budget for the year, and they don't have something serious to deal with.

    But you can only do that if it's still costing you money.

    Once the credit-card company comped your account, you no longer had a case, but they did, so it's their concern, not yours.

    But watch all your other financial accounts; if your identity really was stolen, and it's not just a case of someone having your credit card number and using it on a website that doesn't actually check any identification, then you might see people opening bank accounts, applying for loans, starting businesses, etc. under your name.

  12. Now if they could only arrest Canadian Pharmacy by merc · · Score: 1

    According to ROKSO the folks who run the Canadian Pharmacy run out of the Ukraine. I'd have to say they are the most annoying bastards I've ever seen, at least as far as spammers go. I'm waiting for the day when they get their come upppance. I hope I live to see it.

    --
    It's true no man is an island, but if you take a bunch of dead guys and tie 'em together, they make a good raft.
  13. Re:shoot him by Monkeedude1212 · · Score: 1

    I think I would have asked for the address before reporting it as fraud.

  14. Re:principle of "attractive nuisance" by blair1q · · Score: 1

    TJX is liable. There's no question of that. But not for an attractive nuisance. Merely for negligence in disclosing valuable information entrusted to them.

  15. "identity" "theft" by FuckingNickName · · Score: 1, Insightful

    Your identity is never stolen. It's as much a misnomer as "piracy".

    What usually happens is that private corporations penalise you because they've put you in some set of lame risk databases they use, and it turns out that your entries were filled against your favour as a result of the actions of someone else.

    It's your own (plural, every one of you) fault for putting so much trust and reliance on the convenience of the good ol' entry in a database by which your life is made or broken.

  16. off to the call center for you! by cstacy · · Score: 1

    Maybe they will imprison him in Hyderabad and force him to work in a call center handling people's personal information! http://news.bbc.co.uk/2/hi/south_asia/8677486.stm

  17. Re:shoot him by heteromonomer · · Score: 1

    Absolutely agree. Somebody had ordered a $1500 TV on Bestbuy with my credit card. I am always careful, almost paranoid about security and privacy, and even have a paid fraud-alert and id theft monitoring service (which I wonder if it is worth, or even dangerous in itself) on my credit cards. I complained and the bank took it off my account. But the joke is that they wouldn't tell me what the shipping address was (why the fuck not??) and what's worse, even what they are going to do about it. Like what the results of their "investigation" were, and whether anyone was brought to book. The least I would like to know is which merchant caused this leakage of info. Nothing, no info, about how I was defrauded, and what I could've done to avoid the next fraud. Yeah, innocent until found guilty and all that. Sure. But once found guilty, either make the punishment harsh, or at least reveal full details. What I suspect is the banks don't even bother. Their investigation = hush hush, and writing off as a loss.